Thomas Widhalm wrote: > Hi! > > We encountered a rather strange problem. One of our servers (RHAS 4, NIS > client, NFS client) lost parts of its /etc/passwd . Within some hours > only the end of the passwd file was remaining, meaning that root, system > users and some important users were missing! So we could not log in via > ssh or locally. > > We booted from CD copying a backup over the passwd file. > > Anyway, we want to know, how this could happen. The server lost > connection to NIS and NFS before this problem appeared (NIS and NFS > server crashing) > > Did any of you encounter this? > > Regards, > Thomas > It might be a good idea to take a close look at the logs, and make other checks to make sure the system was not cracked. It could be that someone goofed when editing your password file. You can also run into problems if you edit the password file directly in a text editor, instead of using vipw and a user gets modified/added/deleted by someone else at the same time. (Changing their password should not bother it, because that is in another file, but users can run chfn or chsh and change passwd.) The vipw and vigr programs use the proper locking to safely edit the passwd and group files. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
